IPv6 Support in Ocata

I have an openstack cloud (ocata) in HA configuration (3 controllers, 2 compute nodes). At the moment, it supports only IPv4 (TypeDrivers: vxlan, flat) (Mechanism Drivers: linuxbridge,l2population). Now, I want to enabled IPv6 support for my tenants. What is the procedure to accomplish IPv6 Support?

Suppose eth0 is used for public internet connectivity and as interface to provider network, do we need to provide IPv4 and IPv6 address to eth0. I am using linux bridge agent.

Comments

These chapters doesn't talk about provider network interface configuration. As per link text, we cannot have IPv6 address to NIC that is connected to provider network. Openstack disables IPv6 for linux bridges.

The easy way to give a tenant ipv6 support is to do nothing! Just create the tenant on a provider network that is ipv6 enabled. Linuxbridge passes the ipv6 packets out of the box. When I say the provider network is ipv6 enabled, I mean the external network is ipv6 enabled (i.e. my campus subnet has a radvd daemon running, ipv6 tunnel, or whatever is your use case).

For example, on an standard Ocata ubuntu tutorial build with no special ipv6 configuration added, the cirros tenant picks up necessary ipv6 info from the external provider network (addresses changed to protect the innocent):

You won't see the ipv6 address in the horizon dashboard listing, but as you can see above the tenant gets a global address and has ipv6 connectivity. To add ipv6 security group rules, use ::0 instead of 0.0.0.0/0 for the remote prefix.

The key is ipv6 on your network segment OUTSIDE of OpenStack must work. So, if I have campus vlan 600 and I plug a laptop into that segment, I should get a global ipv6 address and have v6 connectivity. In my case I'm using slaac on my campus segment and an radvd daemon on a linux box. And, of course that segment also has ipv4. My /etc/radvd.conf looks like this (address changed):

I use this network segment as my provider network. I follow the vanilla ubuntu tutorial build:
https://docs.openstack.org/ocata/inst... So, the interface that is connected to the campus vlan 600 segment is just what you would normally have on the controller (network) and computes for provider:

auto eth0
iface eth0 inet manual
up ip link set dev $IFACE up
down ip link set dev $IFACE down

I don't change anything from the tutorial guide when I configure neutron or when I create the provider network. I just create it for ipv4 (NO ipv6 subnet, NO slaac options, NO dhcp6 options). ipv4 only, like in the guide: https://docs.openstack.org/ocata/inst...

When the tenant gets created on the provider network, it gets it's ipv4 address and info from neutron, but ipv6 router advertisements and neighbor discovery will ...(more)

Comments

Suppose eth0 is the provide network interface; does eth0 have both IPv4 and IPv6 addresses?
Could you please provide ifconfig output of a controller (network) node?
Also provide the output of "rpm -qa | grep openstack-neutron" from a controller (network) node.
Thanks.

See added details above. Controller and compute have self assigned ipv6 link addresses. I don't want them to get global addresses, because then they are exposed. So I disable ipv6 autoconfiguration: https://superuser.com/questions/33196...